Before posting a new question, please check out our Internet / WiFi and Spectrum TV App troubleshooting pages for common issues, as well as useful information to include in your post.

Advanced Search Options


We have advanced search options to make it easier to locate posts, questions and answers on this community.
More information can be found at Advanced Search Options
If you are looking for something specific, please check if someone else has already asked or answered the same question.

Why am I getting a DoS Attack/port scanned from 208.67.222.222 and 8.8.8.8

nomad15007nomad15007 Posts: 1 Newcomer
in Connectivity Jul 27, 2022

[DoS attack: TCP- or UDP-based Port Scan] from 208.67.222.222, port 4431Wed Jul 27 08:46:39 202271.87.125.24:51058208.67.222.222:443[DoS attack: TCP- or UDP-based Port Scan] from 208.67.222.222, port 4431Wed Jul 27 08:41:54 202271.87.125.24:62489208.67.222.222:443

[DoS attack: TCP- or UDP-based Port Scan] from 8.8.8.8, port 531Wed Jul 27 08:41:02 202271.87.125.24:60678.8.8.8:53[DoS attack: TCP- or UDP-based Port Scan] from 71.10.216.2, port 531Wed Jul 27 08:41:00 202271.87.125.24:5589571.10.216.2:53[DoS attack: TCP- or UDP-based Port Scan] from 71.10.216.1, port 531Wed Jul 27 08:40:59 202271.87.125.24:6380671.10.216.1:53

Replies

  • William_MWilliam_M Posts: 349 Moderator
    Jul 29, 2022

    Hi @nomad15007, welcome to our community!

    I could only speculate why someone is attempting to DOS you. Are actually losing internet or having any other problems with our service? We have DDOS protection which normally stops these attacks automatically.

  • RAIST5150RAIST5150 Posts: 863 Contributor
    Jul 29, 2022

    Those look more like SSL connection requests (port 443) and DNS queries (port 53, some from actual DNS servers).


    Are you sure it is an actual DoS attempt... as in you actually see something like syn flooding attempts and such?

    Or is it perhaps some form of reverse lookup authentication scheme (some services like email have started to do a lookback of sorts to fight spoofing/spam), or perhaps some other attempt to register/verify PTR names and such in DNS or something?

Sign In or Register to comment.